The work was presented at the HiTB conference in Kuala Lumpur 2013. Presentation slides are available here.
From the official Trend Micro blog:
Trend Micro researchers have discovered that AIS (Automatic Identification System) security problems can allow communications between ships to be intercepted, "ghost ships" created, SOS or collision messages sent, or AIS disabled on any vessel altogether.
By Marco Balduzzi and Kyle Wilhoit
It seems to me that those who researched the security of these systems (AIS) had a good time and received a portion of fun. But “security” has nothing to do with it.
Automatic identification systems for ships
AIS is an automatic tracking system that is installed and used by ships and navigation services to identify and locate ships by exchanging data with other nearby ships, AIS ground stations, and satellites. When satellites are used to transmit messages, then such communication is designated Satellite-AIS (S-AIS). The information received through AIS complements the data received from radar, which is still the main source of navigation for water transport.
AIS is used for the following purposes:
Data exchange between ports and ships
Data exchange between ships on the high seas
Navigation, course, location and speed
Where it is used:
Marine Traffic Control Service
Collision Avoidance
Coast Guard
Help with navigation
Rescue operations
Short messages, for example weather forecast
The data (unique identification number, position, course and speed) that these tracking systems provide is displayed either on screens or on the ECDIS. Automatic identification systems help navigators and various maritime services monitor maritime transport and its movement. The heart of the system is a standard UHF transmitter and a satellite positioning system such as LORAN-C, GPS, or Glonass, plus other additional navigation sensors, such as a gyrocompass or angular velocity sensor. Vessels that are equipped with AIS transceivers and transponders can be monitored from land through special base stations located along the coast, or through satellites that have equipment for receiving and transmitting AIS signals.
Transponders automatically send their location, speed and navigation status at regular intervals through built-in UHF transmitters. The information is taken from the ship's navigation sensors, usually a satellite navigation system or a gyrocompass. Other information, such as the vessel name and UHF ID, is flashed into the equipment when it is installed. The signals are received by AIS transponders installed on other ships or ground stations, for example, a vessel traffic control system. The resulting data is then projected onto screens or interactive maps for further analysis and traffic coordination.
The conclusion that the researchers came to is that the identification system of ships can quite easily be used for all sorts of “dirty tricks.” Essentially, AIS is a regular UHF radio that openly transmits various types of navigation data, which means that all safety problems are related to the radio. To say that AIS has been completely hacked is, at the very least, incorrect, if only for the reason that this system was developed at a time when the danger of intercepting this data was minimal. Now, with the advent of software-defined radio communication systems, the task of intercepting and retransmitting these messages has been greatly simplified.
Let's now analyze possible scenarios for the malicious use of these systems, which the researchers cite in their report.
Possible collision
Let's imagine for a moment that we have a tanker. And now the navigator is standing in the cockpit and suddenly a signal comes on the screen about a possible collision with another ship. By the way, all such signals are recorded in a kind of “black” box (the same as on airplanes or racing cars) and must be confirmed by the navigator. At this moment, the navigator must perform strictly regulated actions and compare potentially dangerous data with indicators of other systems, at least from radar, satellite navigation systems, and visually. As a result, the event will be recorded and the alarm will be cancelled.
Man overboard
A similar scenario is with a ship on which the crew receives a signal about another ship in distress. In most cases, such information is immediately transmitted on the ground to the coast guard, which will coordinate all subsequent actions. They are obliged to double-check the received data and notify the team about further actions. As a result, almost all the risks considered by the researchers in their report are minimized.
Disabling AIS transponders on other vessels
In some cases, the ship's crew is allowed to completely disable their identification systems. In this case, there are clear rules that describe the actions of the team, for example, constant visual surveillance.
Substitution of weather data
AIS is just one of several sources of weather data. Data received through this channel is (usually) cross-checked and cross-checked with other sources.
All other abuses of these systems relate to online services, such as marinetraffic.com, where the data is provided for informational purposes only and is therefore unlikely to harm anyone.
From the very beginning, ship identification systems were designed to be open, and are likely to remain so in the near future. The introduction of encryption will mean huge changes because... All equipment on ships will need to be changed. Since most of the risks are minor, I think it is unlikely that the International Maritime Organization will reconsider the safety of this system.
The number of vehicles is constantly growing, not only on the roads. Recently, the world's civil fleet is annually replenished with approximately three thousand ships with a displacement of over 100 tons. One can only guess how much the population of smaller seaworthy plankton is increasing, but when you observe a forest of masts in another Turkish marina, you can easily think that the yachts there reproduce every day by simple division - like ciliates.
Of course, with such rapid growth of the world fleet, ships will cross paths more and more often.
Mathematical statistics clearly hint that not all of these meetings will end in a successful separation at a safe distance, but practical experience shows that this problem cannot be solved by radar alone.
Mainly to reduce the risk of ship collisions, it was developed in 2000 AIS - Automatic Identification System, that is, Automatic Identification System. Its functionality turned out to be so successful that just two years later the International Maritime Organization demanded the mandatory installation of AIS terminals on all cargo ships with a displacement of more than 500 registered tons, on “trucks” over 300 tons on international voyages, and on all ships for passenger transport, regardless of tonnage
Unlike radars, which can detect the appearance of large floating objects near the ship and approximately estimate their current direction and speed of movement, AIS allows you to obtain much more detailed and accurate information about the navigation situation.
To better understand the capabilities of the new system, let’s first understand how it works.
The ship's AIS module is a digital VHF transceiver linked to the ship's navigation systems. Depending on the speed of the vessel, every 2–10 seconds (every 3 minutes when stationary), it automatically transmits the following operational information: MMSI identification number, navigation status (“at anchor”, “moving under motor”, etc.). ), current coordinates, true course and speed, angular rate of turn and exact time stamp.
In addition to dynamic data, static data is transmitted every 6 minutes: vessel identification number IMO, its type, name, radio call sign, dimensions, type of positioning system (GPS, GLONASS, LORAN) and even the position of its antenna relative to the bow of the vessel. Route information is transmitted at the same frequency: destination with estimated time of arrival, draft, cargo category and number of people on board. In addition, in the event of a threat to the safety of the vessel, it is allowed to send text messages entered manually from it.
The received information can be displayed on the terminal in the form of a table with information about nearby vessels, as well as in the form of their symbols superimposed on navigation maps (for example, in a chartplotter) - of course, in this case it is much easier to assess the relative position and dynamics of movement.
In short, according to AIS messages, the captain can absolutely accurately assess the current navigation situation. By the way, radio traffic in the system is carried out in the range of 162 MHz, that is, at a much lower frequency compared to radar radiation. Longer radio waves are able to avoid obstacles such as large ships and low islands, and therefore the range of AIS is pleasantly impressive. Under favorable conditions, it can exceed 40 miles, but keep in mind that the height of the antenna here, as with other airborne transmitters, plays a decisive role.
For yachtsmen, at least those whose vessels do not appear in the Forbes magazine charts, the subtlety of using the system lies in the fact that only simplified version terminals, designated “Class B”, are allowed to be installed on ships with a displacement of less than 300 tons.
They feature a noticeably reduced transmitter power (2 W versus 12.5 W), which limits their transmission range to approximately five miles. Another nuisance is a simplified data transmission algorithm that allows you to send information only if there is free space on the air during the radio exchange of older brothers equipped with class A terminals. The trick here is that at any given time on any of the two AIS channels It is possible to transmit one single block of digital data, and class A devices are able to agree with each other in advance about the order in which they are issued.
However, you must agree: despite such discrimination, being in a rough sea at night, it is very pleasant to know that on a supertanker passing nearby, the watchman probably knows about the presence of your 45-foot yacht at his side.
There is another way to use AIS, and it involves installing a receiver that does not allow sending any data at all, but is capable of tracking the movements of all ships equipped with full-fledged terminals. By and large, this does not even require a separate device, since manufacturers like Icom And Standard Horizon began to equip top models of mounted VHF radios with this function.
Convenient, compact, not expensive, but there is one big “but” - it’s problematic to place even a text table on a small low-resolution screen, let alone build even the most primitive semblance of a map...
That is why AIS receivers were developed that do not display graphic information at all, but are able to convert data into packets of the standard NMEA protocol, which is understood by the vast majority of chartplotters. Plus, some of them can connect to computers via USB, or even transfer data via Wi-Fi to mobile gadgets running Android or iOS. Similar devices are produced, for example, Weather Dock.
By the way, when installing AIS equipment, even an additional antenna is not absolutely necessary due to operation in the same frequency range with the on-board radio. However, keep in mind that splitters used to connect two different devices to an antenna tend to reduce the signal level slightly, and if there is a problem with a single antenna, you will lose two security systems at once.
It would be naive to believe that such an advanced information exchange system was created solely to assist helmsmen in operational maneuvering. AIS also includes global monitoring of vessel movements for the benefit of a variety of shipping companies, traffic control centers, and government agencies that may require information about the location of certain vessels or cargo. For this reason, AIS equipment can be based not only on ships, but also on coastal stations, many of which are connected to a global network.
Well, in order to more effectively use the system to search and rescue sailors in emergency situations, emergency buoys are being produced that are capable of transmitting AIS information with high priority. There are also so-called virtual buoys - this is the only type of device in the system, whose real location may not coincide with the coordinates in their messages. As a rule, these are transmitters installed on the shore, warning passing ships of dangers such as poorly visible rocks or capes devoid of lighthouses jutting far out to sea.
It must be said that AIS receivers are even located on satellites. It is only on the surface of the Earth that the radius of propagation of its signal is limited by visibility to the horizon, but in space it can be received from hundreds of kilometers without any problems. Today, more than a dozen spacecraft are orbiting the planet, monitoring maritime traffic.
It’s especially nice that you can get to data on the global movement of ships without being the owner of a shipping company or a secret service agent. Information is available on a paid basis (for example, in the full version Google Earth), however, in a somewhat truncated form it can be seen for free, for example, on the resource www.marinetraffic.com, whose interactive maps and user-friendly interface are replicated on many other nautical websites.
Automatic identification system
Ship's AIS display (Class A)
AIS(Automatic identification system, (eng. AIS Automatic Identification System ) - in shipping, a system used to identify ships, their dimensions, heading and other data using VHF/UHF radio waves.
Recently there has been a tendency to interpret AIS as an Automatic Information System (English) AIS Automatic Information System ), which is associated with the expansion of the system’s functionality compared to the ordinary task of identifying vessels.
In accordance with the SOLAS 74/88 Convention, it is mandatory for ships with a displacement of more than 300 register tons on international voyages, ships with a displacement of more than 500 register tons not engaged in international voyages and all passenger ships. Vessels and yachts with a smaller displacement can be equipped with a class B device. Data transmission is carried out on international communication channels AIS 1 and AIS 2 in the SOTDMA protocol (English). Self Organizing Time Division Multiple Access ). Frequency modulation with GMSK keying is used.
Purpose
AIS is designed to increase the level of navigation safety, efficiency of navigation and operation of the vessel traffic control center (VTCS), environmental protection, ensuring the following functions:
- as a means of preventing collisions in ship-to-ship mode;
- as a means of obtaining information about the vessel and cargo by competent coastal services;
- as a VTC tool in ship-to-shore mode for controlling vessel traffic;
- as a means of monitoring and tracking ships, as well as in search and rescue (SAR) operations.
AIS components
The AIS system includes the following components:
- VHF transmitter,
- one - two VHF receivers,
- global satellite navigation receiver (for example, GPS, GLONASS), for Russia the GLONASS module in the AIS device is strictly mandatory, the main source of coordinates. GPS is auxiliary and can be taken from the GPS receiver via the NMEA bus;
- modulator/demodulator (converter of analogue data to digital and vice versa),
- microprocessor based controller
- equipment for input/output of information to control elements
Operating principle of AIS
System Overview from US Coast Guard
The operation of AIS is based on the reception and transmission of messages via VHF waves. The AIS transmitter operates at longer wavelengths than radars, which allows the exchange of information not only over direct distances, but also in areas with obstacles in the form of small objects, as well as in bad weather conditions. Although one radio channel is sufficient, some AIS systems transmit and receive on two radio channels in order to avoid interference problems and not disrupt the communication of other objects. AIS messages may contain:
- identification information about the object,
- information about the state of the object, received automatically from the object’s control elements (including from some electro-radio navigation devices),
- information about geographic and time coordinates that AIS receives from the global navigation satellite system,
- information entered manually by facility maintenance personnel (security-related).
The transfer of additional text information between AIS terminals (paging) is provided. Transmission of such information is possible both to all terminals within the range, and to one specific terminal.
In order to ensure the unification and standardization of AIS, the International Radio Regulations stipulate two channels for use for AIS purposes: AIS-1 (87V - 161.975 MHz) and AIS-2 (88V - 162.025 MHz), which should be used everywhere, with the exception of regions with special frequency regulation.
The digital information transmission rate in the AIS channel is selected at 9600 bps.
The operation of each AIS station (mobile or base) is strictly synchronized to UTC time with an error of no more than 10 μs from the built-in GNSS receiver (in the Russian Federation, according to signals from the combined GLONASS/GPS GNSS receiver). To transmit information, continuously repeating frames lasting 1 minute are used, which are divided into 2250 slots (time intervals) each lasting 26.67 ms.
Text uses 6-bit ASCII codes.
Displaying information about the environment in modern AIS is possible in 2 modes - both textual in the form of a table with a list of nearby vessels and their data, and in the form of a simplified schematic map depicting the relative positions of vessels and distances to them (calculated automatically based on the data transmitted by them geographic coordinates.) AIS is included in the list of equipment that is required to be provided with uninterruptible battery power.
Message structure
Static information
- MMSI number
- International Maritime Organization (IMO) number
- Radio call sign and name of the craft
- Dimensions
- Type of craft
- Antenna location data (from GNSS Glonass or GPS)
Data is transmitted every 6 minutes
Dynamic information
- Location (latitude and longitude)
- Time (UTC)
- Age of information (how long ago it was updated)
- True heading (relative to the ground), heading angle
- True speed
- Roll angle, trim
- Pitch angle
- Angular rate of turn
- Navigation status (for example: Unable to steer or Limited ability to maneuver)
and other information from repeaters and sensors of electro-radio navigation devices and systems
Other information
- Destination
- Arrival time (ETA)
- Vessel draft
- Cargo information (cargo class\category)
- Number of people on board
- Messages for warning and safety of cargo transportation
The throughput of each channel is up to 2000 messages per minute.
Message transmission intervals
Regulations
- IEC 62320-1:2007 Marine navigation and radiocommunication equipment and systems. Automatic Identification Systems (AIS).
- IEC 61993-2(2001-12) Maritime navigation and radiocommunication equipment and systems - Automatic identification systems (AIS)
- IMO Resolution MSC.43(64) “Guidelines and criteria for ship reporting systems.”
- IMO Resolution MSC.74(69) Annex 3 “Recommendations on operational requirements for universal shipboard AIS”.
- IMO Resolution MSC.74(69) “Operational requirements for combined shipboard receiving equipment of the GLONASS/GPS system.”
- Standard IEC 61993-2 Part 2 “Universal Automatic Identification System (AIS) Class A ship equipment. Technical and operational requirements, methods and required test results.”
- Standard IEC 61993-1 “Ship automatic transponders using DSC mode in the VHF maritime mobile service.”
- Recommendation ITU-R M.1371-1 “Technical characteristics of a universal shipborne automatic identification system (AIS) using time division multiple access in the VHF maritime mobile frequency band.”
- IMO Resolution A.917(22) “Guidelines for the use of shipboard AIS
- etc.
1. History of the system
2. System requirements
3. Ship's AIS
4. Organization of AIS work
5. Development of AIS in Russia
1. History of the system
At the 63rd session of the Maritime Safety Committee (MSC) of the International Maritime Organization(IMO) (8-25 May 1994) Germany made a proposal on the need to introduce transponder systems for mutual identification of ships and data transmission to coastal services (VTS), as well as to improve navigation safety (MSC 63/7/9).
At the 40th session of the BSPC (July 1994), Sweden made a proposal (NAV 40/7/15) to implement transponders using the latest protocol, Self-Organizing Time Sharing Data Link (SOTDMA). Application of this protocol, borrowed from aviation , allows you to use one frequency channel with high reliability (more than 95%) to transmit information about the location of a vessel with short time intervals, using this data to solve problems of ship warning (ship-to-ship) and for precise control of the movement of ships along narrow approach channels and fairways in VTS (ship-to-shore). In 1995, based on feasibility studies carried out at TsNIIMF, the Russian Federation submitted a note to the IMO (NAV 41/6/26) strongly supporting Sweden’s position on the need to use a modern protocol with broad capabilities for reliable exchange of navigation information, which could justify expenses of shipowners for the inclusion of a new device in the navigation equipment of the vessel.
Support was also expressed by Finland, INTERTANKO and others. However, the majority of delegations at the BSPC, taking into account the beginning of industrial production of transponders with the DSC protocol, maintained the position of limiting the capabilities of transponders to identification functions and cargo data at the first stage of implementation with its future replacement by a universal one.
In December 1996, the MSC, based on a study of the positions of states, decided in favor of a single universal transponder based on the use of the SOTDMA protocol. In May 1998, on the recommendation of the BSPC, the Maritime Safety Committee adopted recommendation MSC.74(69) with operational requirements for ship transponders. In October 1998, ITU-R issued Recommendation M.1371, which contains the basic principles for the construction of AIS (Automatic Identification System). Somewhat earlier (1997), the World Radio Conference allocated two frequencies for AIS operation on a global basis: 161.975 MHz (AIS-1) and 162.025 MHz (AIS-2). The International Electrotechnical Commission (IEC) is developing a standard for AIS N 61993-2, which contains the technical parameters of universal transponders and test methods.
In accordance with the requirements of Chapter 5 "Safety of Navigation" of the Safety of Life at Sea (SOLAS) Convention, adopted by IMO Resolution MSC.99(73) of December 5, 2000, starting from July 1, 2002, all newly built ships are required to install fundamentally new navigation equipment - an automatic information (identification) system (AIS).
– Overall dimensions – 17x11x12 mm 3 .
4.7.3. Sensors of pitching parameters.
IN Currently, on the basis of modern technologies, various types of instruments have been created to measure the parameters of the motion of a ship's hull while heaving: single- and two-coordinate inclinometers, detectors of angular movements, sensors of linear displacements and combined devices, including meters of angular and linear displacements over all six spatial degrees of freedom.
The use of instruments for obtaining the parameters of a ship's motion when heaving, including three angular velocity sensors and three accelerometers, makes it possible to evaluate the forces caused by heaving on the ship's hull and in cargo fastenings, as well as to reasonably select the storm mode. Sample systems for monitoring loads and selecting storm conditions based on measured data on the parameters of the ship's motion while heaving have already been created.
A number of devices for assessing rolling parameters are based on the use of silicon vibrogyrometers and accelerometers. They provide information for determining all components of the movement of the ship's hull in waves (Pitch, Roll, Yaw, Surge, Sway, Heave). An example of this type of sensor is equipment from Silicon Sensing Systems Japan Ltd, built according to
strapdown technologies. It allows you to measure:
Angular velocities in the range from 0.1 to 1000 / s with a resolution of 0.10 / s, - yaw, pitch and roll angles with an accuracy of 0.10,
Linear accelerations with a mean square error of 0.01 m/s2.
4.8. Automatic identification systems.
4.8.1. General information.
Automatic Identification System - AIS (Automatic Identification System - AIS) is a technical navigation aid that uses the mutual exchange of information between ships, between a ship and the shore, as well as between a navigation aid and a ship (or coast station), in order to:
vessel identification,
solving problems of collision avoidance,
control of compliance with the navigation regime and monitoring of vessels at sea,
improving the performance of the navigation fence.
AIS is regarded as the greatest advance in navigational safety since the invention of radar. AIS is also called
automatic identification and information systems,
emphasizing that they are used not only for identification purposes.
Automatic identification systems allow you to:
– exchange information between ships when they diverge at sea;
– transmit information about the vessel and its cargo to coastal services;
– send navigation data from the vessel to coastal traffic control systems (VTS) in order to ensure more accurate and reliable navigation;
– VTS provide navigation assistance to vessels;
– transmit information from fence navigation aids to the ship or coast station for their identification, timely detection, and obtaining accurate coordinates.
Navigation and meteorological warnings can be transmitted via AIS from the shore to ships sailing in coastal waters.
AIS operates on two VHF frequencies: 161.975 MHz (AIS-1, channel 87) and 162.025 MHz (AIS-2, channel 88), allocated by the International Telecommunications Union. Data exchange between AIS stations is carried out using self-organizing time division and free access SOTDMA (Self-Organized Time Division Multiple Access) technology. This technology allows for the transmission of compound message blocks at high speed, guaranteeing reliable simultaneous data exchange with many other AIS.
The AIS range depends on the height of the antenna and is about 20÷ 30 miles.
On ships, AIS must be in working order at all times, except in situations and areas where information security is required. In these situations and areas, the captain has the right to disable AIS to prevent the possibility of its data being used for undesirable purposes.
4.8.2. On-board AIS equipment.
Types of on-board AIS equipment.Shipboard AIS equipment is called "universal transponder". There are class A and class B onboard equipment.
Class A equipment must fully comply with the IMO requirements for AIS and be installed on ships specified in regulation 19 of chapter 5 of SOLAS.
The requirements for Class B AIS are below. Equipment in this class may not fully comply with IMO standards. It is simpler, cheaper than a universal Class A transponder and is intended for small vessels that are not covered by the AIS convention.
Equipment composition. Shipboard AIS equipment is used for data exchange, synchronization, generation and switching of information flows.
The universal AIS transponder (Fig. 4.27) consists of a main unit (Transponder unit), a control and display module
(Multiplexed Keyboard and Display unit), VHF and GPS antennas.
Main unit
Control and display unit
Rice. 4.27. AIS on-board equipment set.
The main unit includes a transceiver, a communications processor, an internal GPS receiver, a means of monitoring the reliability of transmitted and received data, and a built-in automatic testing system.
To the transceiver includes three independent receivers (two SOTDMA, one digital selective call: DSC - Digital Selective Calling), one transmitter that emits data by selecting one of two SOTDMA channels. It can also be used to answer a request on a digital selective calling channel.
Internal GPS receiver provides mainly accurate time synchronization of the reception/transmission of AIS information. It can also be used as a backup sensor for the position, track angle and speed of the vessel in the event of failure of the main external GPS receiver.
Communication processor creates and distributes data packets over time to transmit static, dynamic information about the vessel and voyage information. It controls the reception of data over the communication line
AIS decrypts and organizes them, controls the output of information to display devices, regulates the process of reading information from navigation devices, controls the set of marine frequencies and switching channels.
Control and display unit contains a keyboard with a small text display to display the information being typed and the minimum required information received. Using the keyboard, some of the information intended for transmission is entered. The entered data is displayed on the display, which allows you to control its correctness. The AIS keyboard and display must be independent of other navigation devices.
Equipment interfaced with AIS. The control and display unit has means for docking with equipment that implements the IEC 61162 protocol. The following can be connected to it: SNS receiver, gyrocompass, log, gyroscopic angular velocity indicator, roll and roll parameters sensors, Inmarsat-S long-distance communication station, as well as external systems displays: radar, ARPA, EKDIS, EX, RKDS, PC. Data from the external SNS receiver are received in the WGS84 geodetic coordinate system with a resolution of no worse than one ten-thousandth of an arc minute.
Power supply. AIS and its associated information sensors are powered by the ship's main electrical power source. Additionally, they must have alternative power supply units.
On-board equipment functions. The universal AIS transponder provides:
– automatic vessel identification;
– self-organization of the system and control of access to radio channels;
– receiving data via radio channel from AIS of other ships, coastal centers and fencing facilities;
– transmission of own data into a radio channel for use by other ships and coastal centers;
– receiving and processing information from systems and devices connected to AIS on your own ship;
– input of static, additional dynamic data and binary messages to be sent to the radio channel;
– saving static data intended for automatic transmission;
– outputting information received via radio channel to display devices;
– providing information about its performance, detection of problems and failure;
– preventing unauthorized changes to entered or transmitted data;
– the ability to disable AIS by the ship's captain in areas where AIS information can be used for nefarious purposes.
